<%@page import="java.net.URLEncoder"%>
<%@page import="java.net.URLDecoder"%>
<%@page import="java.sql.ResultSet"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<jsp:useBean id="database" scope="request" class="accessibleworldsdatabase.AccessibleWorldsDatabaseJavaBeans"/>
<jsp:useBean id="des" scope="request" class="accessibleworldsdes.AccessibleWorldsDESJavaBeans"/>
<%try {

String accessCode = request.getParameter("accessCode");

if(!(accessCode==null || "".equals(accessCode))) {
	
    accessCode = des.decryptString(session.getId(), accessCode);
    accessCode = URLDecoder.decode(accessCode, "UTF-8");
    
    if(des.getAndroidAccessCode().equals(accessCode) || des.getComputerAccessCode().equals(accessCode)) {
    	
    	String userID = request.getParameter("userID");
    	String reportID = request.getParameter("reportID");
    	
    	if(!(userID == null || "".equalsIgnoreCase(userID) ||
    			reportID == null || "".equalsIgnoreCase(reportID))) {
    		
    		userID = des.decryptString(session.getId(), userID);
    		reportID = des.decryptString(session.getId(), reportID);
    		
    		userID = URLDecoder.decode(userID, "UTF-8");
    		reportID = URLDecoder.decode(reportID, "UTF-8");
    		
    		database.connect(des.decryptString(des.getServiceSecretKey(), database.getEncryptedPassword()));
    		
    		String rate = "0";
    		
    		String SQL =
    		"SELECT"+
    			" Rating"+
    			" FROM Report_Ratings"+
    			" WHERE"+
    				" User_id ="+userID+
    				" AND Report_id = "+reportID;
    		
    		ResultSet resultSet = database.execSQL(SQL);
    		
    		if(resultSet.next()) {
    			
    			rate = resultSet.getString("Rating");
   			}

		    String output = URLEncoder.encode("OK","UTF-8");
		    output = output + URLEncoder.encode(rate,"UTF-8");
		    
	        output = des.encryptString(session.getId(),output);
	        out.print(output);
	        
		    database.closeConnection();
    	}
    }
}
} catch (Exception ex) {}%>